Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: The Death Of A Firewall

From: Pedski <pedski () optonline net>
Date: Mon, 17 Oct 2005 21:30:12 -0400
James Paterson wrote:


http://www.securitypipeline.com/165700439

Be interesting to get the communities take on this article.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


This is a model that has holes...
router acl are not statefull.
they seem to have some secutiy by means of DMZ
the managemnt overhead of this is high..sometimes is not that easy deploying patches if the vulnerabilty came in the night...meaning if you are blocking everything with a firewall you bought yourself some time....in this case they are open ...the term raise their immunity to exists in hashers condition sounds really nice...but often attacks or worms come like a thief in the night...... 

there is something flawed with this architecture.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: